On 23.04.2013 15:14, [email protected] wrote: > Author: minfrin > Date: Tue Apr 23 13:14:34 2013 > New Revision: 1470940 > > URL: http://svn.apache.org/r1470940 > Log: > mod_dav: Make sure that when we prepare an If URL for Etag comparison, > we compare unencoded paths. PR 53910 > Patch submitted by Timothy Wood <tjw omnigroup com> > Tested by William Lewis <wiml omnigroup com> > > Modified: > httpd/httpd/trunk/CHANGES > httpd/httpd/trunk/modules/dav/main/util.c >
> Modified: httpd/httpd/trunk/modules/dav/main/util.c > URL: > http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/dav/main/util.c?rev=1470940&r1=1470939&r2=1470940&view=diff > ============================================================================== > --- httpd/httpd/trunk/modules/dav/main/util.c (original) > +++ httpd/httpd/trunk/modules/dav/main/util.c Tue Apr 23 13:14:34 2013 > @@ -663,6 +663,13 @@ static dav_error * dav_process_if_header > if (uri_len > 1 && parsed_uri.path[uri_len - 1] == '/') > parsed_uri.path[--uri_len] = '\0'; > > + /* the resources we will compare to have unencoded paths */ > + if (ap_unescape_url(parsed_uri.path) != OK) { > + return dav_new_error(r->pool, HTTP_BAD_REQUEST, > + DAV_ERR_IF_TAGGED, rv, > + "Invalid percent encoded URI in tagged If-header."); > + } > + Where does "rv" come from? Sure you want to use the old value it got earlier in that file and that was already checked against APR_SUCCESS and logged, or should it have been set from the ap_unescape_url() call? Or use a "0" instead? Regards, Rainer
